freeradius 1.1.4 + LDAP + PEAP/mschapv2
Alan DeKok
aland at deployingradius.com
Mon Feb 19 14:32:25 CET 2007
Baptiste Delporte wrote:
> Mon Feb 19 09:30:08 2007 : Error: rlm_mschap: Invalid LM-Password
> Mon Feb 19 09:30:08 2007 : Error: rlm_mschap: Invalid NT-Password
That happens only when an LM-Password and NT-Password are added for
the user, AND where they're not the right format.
> /Authentication works perfectly with the same config files (eap.conf,
> radiusd.conf,users...) with an older version (1.0.1 and even 1.1.3) of
> freeradius on the same server.
Run the server in debugging mode in 1.1.3, and in 1.1.4. See what's
different.
The PAP module changed in 1.1.4, but I don't see why it would break
MSCHAP.
> In both cases, I get this line when I run freeradius in debug mode :
>
> /rlm_pap: WARNING! No "known good" password found for the user.
> Authentication may fail because of this.
That happens if there's no way to authenticate the user. But it
shouldn't result in the above messages from the mschap module.
> /And I can't find if there's a link between that warning and the
> authentication failure for some of my users.
Perhaps you could try posting the whole debug output, rather than tiny
pieces.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list